期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于回溯的Web上应用层DDOS检测防范机制 被引量:20

Mechanism of Detecting and Preventing Application Layer DDOS Attack Based on Traceback
下载PDF
导出
摘要 分布式拒绝服务攻击(Distributed Denial of Service)是一种攻击者使用各种方法,试图将攻击目标的网络资源和系统资源消耗殆尽,使之无法向真正的合法用户提供服务的攻击。随着技术的进一步发展,基于网络层上的DDOS攻击得到了很大程度上的削弱。然而,越来越多的攻击出现在了应用层,攻击的形式更加多样和复杂。从下层协议的角度来看,攻击中涉及的流量可能是合法的,使得检测和防范工作愈发困难。文中以实例为基础,解释基于应用层的攻击原理和方法,结合现有的技术,总结出检测和防范的机制并进行改进。 Distributed Denial of Service is an attempt to make a machine or network resource unavailable to its intended users. With the further development of technology, DDOS attacks on the network layer have been largely weakened. However, more and more attacks occur in the application layer with various and more complicated forms. Attack traffic may be legitimate from the view of the lower layer protocol, which makes the detection and prevention more difficult. This article explained the discipline and measures of application DI)OS attack by instances, summarizes and improves the mechanism of detection and prevention with present technology.
作者 王睿
机构地区 中山大学信息科学与技术学院
出处 《计算机科学》 CSCD 北大核心 2013年第11A期175-177,共3页 Computer Science
关键词 分布式拒绝服务攻击 攻击检测 攻击防范 网络安全 DDOS, Attack detection, Attack prevention, Network security
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

二级参考文献25

  • 1AHN L V, BLUN M, HOPPER N J, et al. CAPTCHA: using hard AI problems for security[C]//Lecture Notes in Computer Science, vol 2656. [S.l.] :Springer-Verlag, 2003:646-653.
  • 2KANDULA S, KATABI D, JACOB M, et al. Botz-4-Sale: surviving organized DDoS attacks that mimic flash crowds[C]//Proc of the 2nd Symposium on Networked Systems Design and Implementation. 2005:287-300.
  • 3RANJAN S, SWAMINATHAN R, UYSAL M, et al. DDoS-resilient scheduling to counter application layer attacks under imperfect detection[C]//Proc of the 25th IEEE International Conference on Computer Communications. Barcelona:IEEE Press, 2006:1-13.
  • 4YATAGAI T, ISOHARA T, SASASE I. Detection of HTTP-GET flood attack based on analysis of page access behaviour[C]//Proc of IEEE Pacific Rim Conference on Communications, Computers and Signal Processing. Victoria: IEEE Press, 2007:232-235.
  • 5WALFISH M, VUTUKURU M, BALAKRISHNAN H, et al. DDoS defense by offense[C]//Proc of Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. New York:ACM Press, 2006:303-314.
  • 6OIKONOMOU G, MIRKOVIC J. Modeling human behaviour for defense against flash-crowd attacks[C]//Proc of IEEE International Conference on Communications.Dresden: IEEE Press, 2009:1-6.
  • 7TracesavailableintheInternettrafficarchive[EB/OL].http://ita.ee.lbl.gov/html/traces.html.
  • 8Chang R K C. Defending against flooding-based distributed denial-of-service attacks: a tutorial, IEEE Communication Magazine, 2002,40 (10): 42-51
  • 9EBay W M, Buy A. com hit by attacks. IDG News Service, 2000
  • 10David J, et al. Results of the distributed-systems intruder tools workshop. Published at the CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, Nov. 1999

共引文献67

同被引文献95

  • 1罗华,胡光岷,姚兴苗.基于网络全局流量异常特征的DDoS攻击检测[J].计算机应用,2007,27(2):314-317. 被引量:13
  • 2孙知信,姜举良,焦琳.DDOS攻击检测和防御模型[J].软件学报,2007,18(9):2245-2258. 被引量:34
  • 3孙知信,李清东.基于源目的IP地址对数据库的防范DDos攻击策略[J].软件学报,2007,18(10):2613-2623. 被引量:21
  • 4ZHU Q Y,YANG X F,YANG L X,et al.Optimal control of computer virus under a delayed model[J].Applied Mathematics and Computation,2012,218 (23):11613-11619.
  • 5Zhu Q Y, Yang X F, Yang L X, et al. Optimal control of comput- er virus under a delayed model[J]. Applied Mathematics and Computation, 2012,218(23) : 11613-11619.
  • 6Bimal K M,Gholam M A.Differential epidemic model of virus and worms in computer network [J].International Journal of Network Security,2012,14(3):149-155.
  • 7Zhu Q Y,Yang X F,Yang L X,et al.Optimal control of computervirus under a delayed model [J].Applied Mathematics and Computation,2012,218(23):11613-11619.
  • 8Zhu Q Y,Yang X F,Yang L X,et al. Optimal control ofcomputer virus under a delayed model [J]. Applied Mathe.matics and Computation,2012,218(23): 11613–11619.
  • 9Mehdi K, Sonia A, Mustafa MA. Performance Modeling ofMessage Dissemination in Vehicular Ad Hoc Networkswith Priority [J]. IEEE Journal On Selected Areas in Com-munications,2011,29(1):61-71.
  • 10Bimal K M,Gholam M A.Differential epidemic model of virus and worms in computer network[J].International Journal of Network Security,2012,14(3):149-155.

引证文献20

二级引证文献33

计算机科学
2013年 第11A期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部